Is it a good idea to check the HTTP request query string and indicate an error once there's an unexpected parameter?

My ASP.NET application will have to handle HTTP GET requests that will have the following URL format:

http://mySite/getStuff?id="actua开发者_如何学编程lIdHere"

currently the requirement is to validate that there're no parameters in the query string except id and indicate an error like "unknown parameter P passed".

Is such requirement a good idea? Will it interfere with some obviously valid cases of using the application I haven't thought of?

It would be better to just validate the presence of id.

Validating unknown parameters doesn't serve much of a purpose, they will just be ignored.

Just edited my answer here:

There are also tracking solutions out there that will add to your query string.

One that comes to mind is web analytics. If your application is going to be a public web site, you will want to implement some tracking of your traffic (e.g. google analytics). If you want to implement a marketing campaign to draw traffic to your site, you will likely need to add a few parameters (specific to the tracking system you're using) to your querystring to check the effectiveness of your campaign.

It depends on your target audience.

It is not a good practice for public websites where you are aware of SEO, for example if you implement Google Analytics then a user come to your site from Search Results may have a parameter in URL like googleclid.

However in more protected websites it is fine.

It might affect forward compatiblity. For example, if you have separate client applications/websites that actually call this URLs, and future versions of these clients might provide additional parameters to getStuff (like a sort ordering, backlink, etc), making hard requirements on the parameters might make it harder to roll out new versions smoothly (i.e. cannot roll out new clients until the server is updated).

This in addition to the traffic forwarding parameters public websites might get as additional input, like the other answers mention.